BOSTON -- A research scientist with a deep knowledge of the psychological factors that drive people in different countries to take on a life of cybercrime, is predicting a new wave of cyber extortion tactics to be used in attacks against firms in the United States.
Max Kilger, a senior member of the non-profit research organization, The Honeynet Project, told attendees at the SOURCE Boston 2010 conference last week that cybercriminals based in emerging countries are in many cases stepping up their attacks and could turn their methods of extortion against firms in the United States. Similar tactics have already been documented in attacks on businesses in Russia, China and Eastern Europe.
Kilger, a member of the National Academy of Engineering's Combating Terrorism Committee, which was charged with recommending counterterrorism methodologies to Congress and federal agencies, has been researching the changing tactics of the hacker community.
The economic and political power of some hacking groups is rising in many countries, Kilger said. In Russia a suspected member of the Russian Business Network, a cybercriminal organization, had enough money and power to get elected to the Russian parliament, he said.
Cyber extortion and critical infrastructure:
SCADA system, critical infrastructure security lacking, survey finds: IT and security executives at firms that own critical infrastructure facilities are concerned about the lack of security protecting underlying management systems from attack.
Chinese hacker attacks target Google Gmail accounts, top tech firms: Up to 33 Silicon Valley tech firms, financial companies and government contractors have been breached by a sophisticated attack believed to have originated in China.
How to protect your company against cybercrime: Thanks to the Internet's inherent anonymity, widespread reach and disjointed law enforcement status, cybercriminals have a lot to gain -- and enterprises have a lot to lose.
"[The Internet] is changing the probability of success in attacking something and the magnitude of the damage is increasing exponentially," Kilger said.
Kilger's extortion prediction hinges on research that shows a loose coupling of cybercriminals and criminal enterprises. The cybercriminals collects information on the target, while the criminal enterprises can use their muscle to physically threaten the target.
A report released by the Center for Strategic and International Studies (CSIS) in January, noted that cybercriminals may be taking on more risk by using extortion tactics to reap greater rewards. It noted a rise in cyber extortion among companies that own oil and gas refineries and electric utilities; mainly cybercriminals using distributed denial-of-service DDoS attacks as an extortion tool.
CSIS surveyed more than 600 IT and security executives who work for many of the companies that run critical infrastructure facilities. The survey found that one-in-five critical infrastructure entities reported being the victim of extortion through cyberattack or threatened cyberattack within the past two years. CSIS said the figure may be higher, as some extortion attempts go unreported by companies attempting to protect their reputation.
The CSIS survey found extortion most common in India, Saudi Arabia, China and France. It was rarest in the UK and United States.
Security experts have already determined that money is the biggest motivator of hackers. Kilger said the hacking community is also continually driven by individuals seeking to stroke their ego by creating elegant code or proving mastery over defeating security defenses. Other hackers are desperate to gain status in a social group and cybercriminal organizations serve that purpose, he said.
"The hacking community is an aristocracy," Kilger said. "The more skills you have the higher status you have in the group."
Kilger contrasted the different factors motivating people to become cybercriminals in Romania against those joining China's growing hacking community. In Romania, he said, there isn't a big opportunity for legitimate business and "people turn to fraud to pay day-to-day expenses." Ego plays a large role as well, he said. In China, where the economy has a 10% annual growth rate, the black hat world is evolving at a hyper rate, he said. Chinese hackers have a strong sense of nationalism and researchers have documented "synergistic interactions" between Chinese black hat hacking groups and the Chinese government.
"They're growing huge pools of financial resources," Kilger said of China's hacking community. "As they're hacking away, they're making big money."